
interfed - RE: [inc-interfed] status update, creating combined metadata file

Subject: Interfederation


  • From: "Cantor, Scott" <>
  • To: "" <>
  • Subject: RE: [inc-interfed] status update, creating combined metadata file
  • Date: Mon, 25 Feb 2013 16:45:52 +0000

> OSU is a bad example since the OSU IdP releases attributes to ALL SPs.

I'd rather say we're a good example in light of US privacy law and our users'
attitudes.

> Using your sequence of steps as a basis, I can support the following
> scenario without worrying about crossing the policy line:
>
> - I have a user at Cardiff that needs to get to my SP
> - I need to have my SP interoperate with the Cardiff IdP
> - I log into the Federation Manager and discover the Cardiff IdP (via
> a discovery-like interface), which adds the Cardiff IdP to my list of
> IdP partners

I don't understand your resistance to simply creating a republishing
agreement rather than creating custom feeds. How is that less work? You seem
to be resistant to publishing metadata a priori but that's the only way we can
ever scale any of this. The alternative is that people will abandon metadata
and blindly trust endpoints.

Why impose a scalability barrier given that if the attribute issue were ever
to be solved, you'd have added yet another opt-in barrier that would take its
place?

-- Scott




